$ rpki-client -vvf rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft File: D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft (raw, json) Hash identifier: Kb+RWhb+alaMShx2t12SE9W7Jin0n4LPXHEM3MWuYOA= Subject key identifier: D0:F8:FE:03:5E:78:65:FB:01:00:E0:7F:82:68:30:F7:87:B4:D6:9E Authority key identifier: D1:24:86:07:B0:DD:D0:A2:16:E8:D7:FA:C5:E2:C2:E7:77:0A:11:39 Certificate issuer: /CN=A91E5D610000/serialNumber=D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139 Certificate serial: 5BD56868D845A17FBCC757DCE1D17453FEA1A33E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0SSGB7Dd0KIW6Nf6xeLC53cKETk.cer Subject info access: rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft Manifest number: 10A4 Signing time: Sat 23 Aug 2025 12:39:43 +0000 Manifest this update: Sat 23 Aug 2025 12:34:43 +0000 Manifest next update: Sun 24 Aug 2025 13:03:43 +0000 Files and hashes: 1: 49776F25BA047DAE0837698DFC0C1C9689EE4FAA.cer (hash: SfgNng1eQqESKDp6G91JZBmwAJymbp2wYyyQ9zQ4hBA=) 2: 3130332e3136352e3131302e302f32332d3237203d3e2034353338.roa (hash: 6MjfCdO/U3fL4/c/dCU0znKWIfM8vw+R1ZWDGwd991o=) 3: C6F78F62408927F518ECE35D446D4E99A20B6318.cer (hash: 3KjCS6088NAGjC+MftNTJcroirKVRSkkLzJlsj9HzEw=) 4: D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.crl (hash: 03hDC9OZWeujMUjYZMNBPHWTfNZ6ysKCh1IXanBsRUs=) Validation: OK Signature path: rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.crl rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0SSGB7Dd0KIW6Nf6xeLC53cKETk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:03:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d5:68:68:d8:45:a1:7f:bc:c7:57:dc:e1:d1:74:53:fe:a1:a3:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610000, serialNumber=D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139 Validity Not Before: Aug 23 12:34:43 2025 GMT Not After : Aug 24 13:03:43 2025 GMT Subject: CN=D0F8FE035E7865FB0100E07F826830F787B4D69E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:cd:5c:1a:7d:b0:1d:eb:11:03:36:78:0e:35: aa:41:76:bc:c1:e6:e5:97:0a:fe:c8:c4:d8:1f:f2: cf:c9:ab:5e:d8:ca:ea:57:f8:25:24:42:60:1a:e4: 88:de:33:9a:4b:7f:30:fd:38:d4:7e:5b:21:e6:db: 38:8b:f7:82:12:28:15:47:9e:c7:0e:a3:dc:c2:5f: 8c:51:ac:72:d3:c4:f6:08:37:38:e1:23:02:08:9a: e2:cd:e7:df:50:bf:56:63:a5:e9:dd:2c:12:0e:2c: 80:d2:e5:f6:08:91:e3:01:2b:b7:c4:ce:41:6b:9c: 37:3f:11:03:71:2c:5e:ed:0a:2e:76:28:99:4d:a2: c5:a3:7e:c6:6c:a5:d8:94:0d:d4:9d:95:a3:3f:2d: 4b:f2:23:d8:d8:31:f3:3d:f3:e6:23:20:01:53:e0: 3f:9f:19:e5:79:31:49:b0:3a:3f:5a:f2:11:9f:6c: 6e:5b:76:0b:81:28:92:74:a9:81:aa:6a:8d:f7:45: 05:99:34:00:01:ce:12:45:e1:0a:f5:67:e4:df:79: ba:a6:c6:35:08:94:58:fc:1a:a8:e8:14:7f:34:92: 84:a8:39:f8:35:b6:40:09:d7:f3:c4:66:c8:f1:65: e8:03:67:ec:0f:bc:0d:12:58:21:fe:0f:3e:5b:1c: b2:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:F8:FE:03:5E:78:65:FB:01:00:E0:7F:82:68:30:F7:87:B4:D6:9E X509v3 Authority Key Identifier: keyid:D1:24:86:07:B0:DD:D0:A2:16:E8:D7:FA:C5:E2:C2:E7:77:0A:11:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0SSGB7Dd0KIW6Nf6xeLC53cKETk.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:18:8e:00:fb:92:ee:4b:1a:36:f5:7c:08:92:24:cb:d8:f1: 98:39:8c:e9:96:59:db:0b:5e:2a:13:31:64:df:40:0d:ba:5d: 93:78:4f:b2:6e:a4:cb:7a:ea:6c:86:b7:e7:54:32:db:52:ef: 22:dc:49:24:6c:20:df:00:c6:6b:b3:fe:9a:20:23:e2:7a:c2: 6d:fa:16:99:d9:ae:73:f8:be:27:24:ff:72:3d:bf:37:60:68: 89:c2:6f:d3:51:56:fb:1b:fc:87:bf:b4:07:65:73:cf:2c:2c: cb:cb:5e:92:ee:23:e2:75:fa:ff:b9:fa:ee:58:b0:a7:a6:f4: d7:12:83:fc:04:1c:75:f9:08:0b:3a:95:c2:b3:8b:f5:cc:b2: fa:a4:f0:df:ac:55:f7:3b:0e:7f:0c:68:20:0d:97:82:ec:40: 7a:74:c2:02:7b:f5:92:65:f1:5d:62:23:dc:39:e6:26:fc:62: 63:50:26:4c:1f:79:16:34:cb:37:2f:af:e2:ff:5b:fa:3e:ce: c8:78:42:0a:75:71:b3:e5:70:0a:2a:63:f1:c7:fe:5d:d1:b3: ac:59:79:87:64:7a:e7:38:0c:dd:6d:df:8e:73:c6:cf:3e:8b: 39:7f:8e:64:9e:56:6b:5c:72:ad:60:2d:61:15:68:67:79:d3: 1f:e8:f3:94 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIUW9VoaNhFoX+8x1fc4dF0U/6hoz4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAwMTEwLwYDVQQFEyhEMTI0ODYwN0Iw REREMEEyMTZFOEQ3RkFDNUUyQzJFNzc3MEExMTM5MB4XDTI1MDgyMzEyMzQ0M1oX DTI1MDgyNDEzMDM0M1owMzExMC8GA1UEAxMoRDBGOEZFMDM1RTc4NjVGQjAxMDBF MDdGODI2ODMwRjc4N0I0RDY5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJLNXBp9sB3rEQM2eA41qkF2vMHm5ZcK/sjE2B/yz8mrXtjK6lf4JSRCYBrk iN4zmkt/MP041H5bIebbOIv3ghIoFUeexw6j3MJfjFGsctPE9gg3OOEjAgia4s3n 31C/VmOl6d0sEg4sgNLl9giR4wErt8TOQWucNz8RA3EsXu0KLnYomU2ixaN+xmyl 2JQN1J2Voz8tS/Ij2Ngx8z3z5iMgAVPgP58Z5XkxSbA6P1ryEZ9sblt2C4EoknSp gapqjfdFBZk0AAHOEkXhCvVn5N95uqbGNQiUWPwaqOgUfzSShKg5+DW2QAnX88Rm yPFl6ANn7A+8DRJYIf4PPlscskMCAwEAAaOCAgMwggH/MB0GA1UdDgQWBBTQ+P4D Xnhl+wEA4H+CaDD3h7TWnjAfBgNVHSMEGDAWgBTRJIYHsN3Qohbo1/rF4sLndwoR OTAOBgNVHQ8BAf8EBAMCB4AwZgYDVR0fBF8wXTBboFmgV4ZVcnN5bmM6Ly9ycGtp LmNlcm5ldC5lZHUuY24vcmVwby9jZXJuZXQvMS9EMTI0ODYwN0IwREREMEEyMTZF OEQ3RkFDNUUyQzJFNzc3MEExMTM5LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1 ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8wU1NHQjdEZDBLSVc2TmY2eGVMQzUz Y0tFVGsuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9y cGtpLmNlcm5ldC5lZHUuY24vcmVwby9jZXJuZXQvMS9EMTI0ODYwN0IwREREMEEy MTZFOEQ3RkFDNUUyQzJFNzc3MEExMTM5Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBiOAPuS7ksaNvV8 CJIky9jxmDmM6ZZZ2wteKhMxZN9ADbpdk3hPsm6ky3rqbIa351Qy21LvItxJJGwg 3wDGa7P+miAj4nrCbfoWmdmuc/i+JyT/cj2/N2BoicJv01FW+xv8h7+0B2Vzzyws y8teku4j4nX6/7n67liwp6b01xKD/AQcdfkICzqVwrOL9cyy+qTw36xV9zsOfwxo IA2XguxAenTCAnv1kmXxXWIj3DnmJvxiY1AmTB95FjTLNy+v4v9b+j7OyHhCCnVx s+VwCipj8cf+XdGzrFl5h2R65zgM3W3fjnPGzz6LOX+OZJ5Wa1xyrWAtYRVoZ3nT H+jzlA== -----END CERTIFICATE-----Generated at Sat Aug 23 15:29:03 2025 by rpki-client